SlideShare a Scribd company logo

Meet the crack team who just exposed 'The Great Cannon,' China's insanely powerful hacking tool

H
handsomelykeepe65

I saw this whilst I was looking for something completely different and thought that it might be of i...

1 of 4
Download to read offline
Meet the crack team who just exposed 'The Great Cannon,' China's insanely powerful hacking tool I saw this whilst I was looking for something completely different and thought that it might be of interest. The Great Cannon: Chinese hacking tool exposed - Business Insider steel_chas via flickr See Also Chinese unveil 'The Great Cannon,' an offensive hacking and censorship program
China just revealed a terrifying new cyberweapon Why slower growth is good for China A few weeks ago Github was the target of a malicious distributed denial of service (DDoS) attack focusing on pages owned by pro-Chinese free speech websites. Now, researchers at the University of Toronto's Citizen Lab have released a bombshell report about a Chinese cyberweapon they've dubbed "The Great Cannon," which appears to be the source of the attacks.? The researchers began looking into the bizarre Github attack as soon as it happened. Bill Marczak, the lead researcher at Citizen Lab, explained to Business Insider that as soon as they saw the strange traffic patterns causing the DDoS attacks, they thought, "Oh, this was interesting." What was interesting, explained fellow co-lead Nicholas Weaver of UC Berkeley, was that they observed traffic being blocked. Whatever was happening to Github was blocking communication. China has been known for years for its Great Firewall, which was the huge censoring filter the regime imposes on all web users using its networks. But while the Great Firewall is a tool for censorship, it never blocks communication.? Then, they set out to see if they could duplicate the attack. The researchers concluded that the Great Cannon is? "a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man- in-the-middle."? In laymen"s terms this means that anyone visiting an unsecure website could unwittingly be used as a tool in cyberwarfare. Any web user that visits an unencrypted Chinese website could have code injected into their systems before they reached the site, which would cause the web user to be part of a DDoS attack. Even more frightening is the potential the Great Cannon could have as a spying tool. "With a few tweaks, the Great Cannon could be used to spy on anyone who happens to fetch content hosted on a Chinese computer, even by visiting a non-Chinese website that contains Chinese advertising content," the New York Times writes. ? ?
Business Insider The two researchers have slightly different backgrounds, but their expertise met when they analyzed these attacks. Weaver has been studying the Great Firewall for quite a while. His academic interest focuses on network measurement and how online communication. China's censorship has been around for so long and so well-known, that it was a great way for him to test how internet censorship works.? Marczak"s background is primarily in regimes and organizations launching active cyber attacks. Thus, a project involving China " who is known for surveillance and censorship " was somewhat new to him. "I focus on the Middle East," he told Business Insider. "How governments are working to hack dissidents and spy on them."? What makes the Great Cannon so interesting is that it"s a sort of Janus-faced attack mechanism. Its internal coding can be used to both redirect traffic to launch full-on assaults on unsuspecting web victims, but it can also be used for surveillance. Indeed, the report noted a huge similarity to the Quantum system, which was reportedly used to help the NSA and British authorities perform targeted surveillance.? Marczak explained such a tool being used by huge governments isn"t necessarily surprising. In fact, he"s seen private companies sell similar surveillance tools to regimes. Weaver was alarmed by the way the DDoS attack tool could easily change to spy tool. "It"s a trivial change to have this device exploit individual computers," he said. They also noted how brazen China was with the tool. Once the Github attacks had been mitigated, China didn"t stop. "The injection happened well after the time GitHub mitigated the attack," said
Marczak.? This, to him, meant China didn"t care if anyone saw. In fact, it"s likely China wanted to be seen. "It was a very public demonstration of the capability," Marczak concluded. SEE ALSO: How a man who worked for the Lottery Association may have hacked the system for a winning ticket NOW WATCH: Animated map shows what would happen to China if all the Earth's ice meltedPlease enable Javascript to watch this video http://www.businessinsider.com/the-great-cannon-chinese-hacking-tool-exposed-2015-4

Recommended

Hello, Python
Hello, PythonHello, Python
Hello, Python
hardwyrd
 
Cirriculum Vitate - Pimpisa P.
Cirriculum Vitate - Pimpisa P.Cirriculum Vitate - Pimpisa P.
Cirriculum Vitate - Pimpisa P.
Professional Business Expert
 
ProfBizExpert_Pimpisa_20160525
ProfBizExpert_Pimpisa_20160525ProfBizExpert_Pimpisa_20160525
ProfBizExpert_Pimpisa_20160525
Professional Business Expert
 
Hilfe braucht Partner Broschüre
Hilfe braucht Partner BroschüreHilfe braucht Partner Broschüre
Hilfe braucht Partner Broschüre
DRKUnternehmen
 
Historia de la Calidad
Historia de la CalidadHistoria de la Calidad
Historia de la Calidad
Ashley Stronghold Witwicky
 
Conversion Rate Optimisation - A fundamental part of your digital marketing s...
Conversion Rate Optimisation - A fundamental part of your digital marketing s...Conversion Rate Optimisation - A fundamental part of your digital marketing s...
Conversion Rate Optimisation - A fundamental part of your digital marketing s...
Visualsoft
 
Tugas
TugasTugas
Tugas
Yurisa Malina
 
Let's debate
Let's debateLet's debate
Let's debate
Abdulazeez Alugo
 

Recommended

Hello, Python
Hello, PythonHello, Python
Hello, Python
hardwyrd
 
Cirriculum Vitate - Pimpisa P.
Cirriculum Vitate - Pimpisa P.Cirriculum Vitate - Pimpisa P.
Cirriculum Vitate - Pimpisa P.
Professional Business Expert
 
ProfBizExpert_Pimpisa_20160525
ProfBizExpert_Pimpisa_20160525ProfBizExpert_Pimpisa_20160525
ProfBizExpert_Pimpisa_20160525
Professional Business Expert
 
Hilfe braucht Partner Broschüre
Hilfe braucht Partner BroschüreHilfe braucht Partner Broschüre
Hilfe braucht Partner Broschüre
DRKUnternehmen
 
Historia de la Calidad
Historia de la CalidadHistoria de la Calidad
Historia de la Calidad
Ashley Stronghold Witwicky
 
Conversion Rate Optimisation - A fundamental part of your digital marketing s...
Conversion Rate Optimisation - A fundamental part of your digital marketing s...Conversion Rate Optimisation - A fundamental part of your digital marketing s...
Conversion Rate Optimisation - A fundamental part of your digital marketing s...
Visualsoft
 
Tugas
TugasTugas
Tugas
Yurisa Malina
 
Let's debate
Let's debateLet's debate
Let's debate
Abdulazeez Alugo
 
Independents' Day - a time to celebrate local businesses
Independents' Day - a time to celebrate local businessesIndependents' Day - a time to celebrate local businesses
Independents' Day - a time to celebrate local businesses
handsomelykeepe65
 
Hardy loses specialty head
Hardy loses specialty headHardy loses specialty head
Hardy loses specialty head
handsomelykeepe65
 
Market cycle could become asymmetric: Sapnar
Market cycle could become asymmetric: SapnarMarket cycle could become asymmetric: Sapnar
Market cycle could become asymmetric: Sapnar
handsomelykeepe65
 
Nate Silver: Hillary Has A 50/50 Shot
Nate Silver: Hillary Has A 50/50 ShotNate Silver: Hillary Has A 50/50 Shot
Nate Silver: Hillary Has A 50/50 Shot
handsomelykeepe65
 
Test
TestTest
Test
handsomelykeepe65
 
Test
TestTest
Test
handsomelykeepe65
 
What Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot Air
What Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot AirWhat Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot Air
What Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot Air
handsomelykeepe65
 
Uber partners with Starwood Hotels to offer reward points for rides
Uber partners with Starwood Hotels to offer reward points for ridesUber partners with Starwood Hotels to offer reward points for rides
Uber partners with Starwood Hotels to offer reward points for rides
handsomelykeepe65
 
Test
TestTest
Test
handsomelykeepe65
 

More Related Content

More from handsomelykeepe65

More from handsomelykeepe65 (9)

Independents' Day - a time to celebrate local businesses
Independents' Day - a time to celebrate local businessesIndependents' Day - a time to celebrate local businesses
Independents' Day - a time to celebrate local businesses
 
Hardy loses specialty head
Hardy loses specialty headHardy loses specialty head
Hardy loses specialty head
 
Market cycle could become asymmetric: Sapnar
Market cycle could become asymmetric: SapnarMarket cycle could become asymmetric: Sapnar
Market cycle could become asymmetric: Sapnar
 
Nate Silver: Hillary Has A 50/50 Shot
Nate Silver: Hillary Has A 50/50 ShotNate Silver: Hillary Has A 50/50 Shot
Nate Silver: Hillary Has A 50/50 Shot
 
Test
TestTest
Test
 
Test
TestTest
Test
 
What Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot Air
What Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot AirWhat Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot Air
What Net Neutrality Opponents Are Saying Now — And Why It’s A Lot Of Hot Air
 
Uber partners with Starwood Hotels to offer reward points for rides
Uber partners with Starwood Hotels to offer reward points for ridesUber partners with Starwood Hotels to offer reward points for rides
Uber partners with Starwood Hotels to offer reward points for rides
 
Test
TestTest
Test
 

Meet the crack team who just exposed 'The Great Cannon,' China's insanely powerful hacking tool

  • 1. Meet the crack team who just exposed 'The Great Cannon,' China's insanely powerful hacking tool I saw this whilst I was looking for something completely different and thought that it might be of interest. The Great Cannon: Chinese hacking tool exposed - Business Insider steel_chas via flickr See Also Chinese unveil 'The Great Cannon,' an offensive hacking and censorship program
  • 2. China just revealed a terrifying new cyberweapon Why slower growth is good for China A few weeks ago Github was the target of a malicious distributed denial of service (DDoS) attack focusing on pages owned by pro-Chinese free speech websites. Now, researchers at the University of Toronto's Citizen Lab have released a bombshell report about a Chinese cyberweapon they've dubbed "The Great Cannon," which appears to be the source of the attacks.? The researchers began looking into the bizarre Github attack as soon as it happened. Bill Marczak, the lead researcher at Citizen Lab, explained to Business Insider that as soon as they saw the strange traffic patterns causing the DDoS attacks, they thought, "Oh, this was interesting." What was interesting, explained fellow co-lead Nicholas Weaver of UC Berkeley, was that they observed traffic being blocked. Whatever was happening to Github was blocking communication. China has been known for years for its Great Firewall, which was the huge censoring filter the regime imposes on all web users using its networks. But while the Great Firewall is a tool for censorship, it never blocks communication.? Then, they set out to see if they could duplicate the attack. The researchers concluded that the Great Cannon is? "a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man- in-the-middle."? In laymen"s terms this means that anyone visiting an unsecure website could unwittingly be used as a tool in cyberwarfare. Any web user that visits an unencrypted Chinese website could have code injected into their systems before they reached the site, which would cause the web user to be part of a DDoS attack. Even more frightening is the potential the Great Cannon could have as a spying tool. "With a few tweaks, the Great Cannon could be used to spy on anyone who happens to fetch content hosted on a Chinese computer, even by visiting a non-Chinese website that contains Chinese advertising content," the New York Times writes. ? ?
  • 3. Business Insider The two researchers have slightly different backgrounds, but their expertise met when they analyzed these attacks. Weaver has been studying the Great Firewall for quite a while. His academic interest focuses on network measurement and how online communication. China's censorship has been around for so long and so well-known, that it was a great way for him to test how internet censorship works.? Marczak"s background is primarily in regimes and organizations launching active cyber attacks. Thus, a project involving China " who is known for surveillance and censorship " was somewhat new to him. "I focus on the Middle East," he told Business Insider. "How governments are working to hack dissidents and spy on them."? What makes the Great Cannon so interesting is that it"s a sort of Janus-faced attack mechanism. Its internal coding can be used to both redirect traffic to launch full-on assaults on unsuspecting web victims, but it can also be used for surveillance. Indeed, the report noted a huge similarity to the Quantum system, which was reportedly used to help the NSA and British authorities perform targeted surveillance.? Marczak explained such a tool being used by huge governments isn"t necessarily surprising. In fact, he"s seen private companies sell similar surveillance tools to regimes. Weaver was alarmed by the way the DDoS attack tool could easily change to spy tool. "It"s a trivial change to have this device exploit individual computers," he said. They also noted how brazen China was with the tool. Once the Github attacks had been mitigated, China didn"t stop. "The injection happened well after the time GitHub mitigated the attack," said
  • 4. Marczak.? This, to him, meant China didn"t care if anyone saw. In fact, it"s likely China wanted to be seen. "It was a very public demonstration of the capability," Marczak concluded. SEE ALSO: How a man who worked for the Lottery Association may have hacked the system for a winning ticket NOW WATCH: Animated map shows what would happen to China if all the Earth's ice meltedPlease enable Javascript to watch this video http://www.businessinsider.com/the-great-cannon-chinese-hacking-tool-exposed-2015-4